<?php

class action extends mysql {

    /**
     * 用户权限判断($uid, $shell, $m_id)
     */
    public function Get_user_shell($uid, $shell) {
        $query = $this->select('admin', '*', '`userID` = \'' . $uid . '\'');
        $us = is_array($row = $this->fetch_array($query));
        $shell = $us ? $shell == sha1($row['userName'] . $row['userPassword'] . "PSY") : FALSE;
        return $shell ? $row : NULL;
    }

//end shell

    public function Get_user_shell_check($uid, $shell) {
        if ($row = $this->Get_user_shell($uid, $shell)) {
            return $row;
        } else {
            echo "<script>window.location.href='login.php'</script>";
        }
    }

//end shell
    public function Get_user_type_check($uid, $shell) {
        $row = $this->Get_user_shell($uid, $shell);
        if ($row['userType'] == "普通管理员") {
            echo "<script>alert('对不起，您是普通管理员，没有此项内容的管理权限！');window.location.href='right.php';</script>";
            exit();
        }
    }

    //========================================下面的方法暂时没有使用

    /**
     * 用户登陆超时时间(秒)
     */
    public function Get_user_ontime($long = '3600') {
        $new_time = mktime();
        $onlinetime = $_SESSION[ontime];
        echo $new_time - $onlinetime;
        if ($new_time - $onlinetime > $long) {
            echo "登录超时";
            session_destroy();
            exit();
        } else {
            $_SESSION[ontime] = mktime();
        }
    }

    /**
     * 用户登陆
     */
    public function Get_user_login($username, $password) {
        $username = str_replace(" ", "", $username);
        $query = $this->select('admin', '*', '`userName` = \'' . $username . '\'');
        $us = is_array($row = $this->fetch_array($query));
        ;
        $ps = $us ? sha1($password) == $row['userPassword'] : FALSE;
        if ($ps) {
            $_SESSION['uid'] = $row['userID'];
            $_SESSION['shell'] = sha1($row['userName'] . $row['userPassword'] . "PSY");
            $_SESSION['ontime'] = mktime();
            $this->Get_admin_msg('index.php', '登陆成功！');
        } else {
            $this->Get_admin_msg('login.php', '密码或用户错误！');
            session_destroy();
        }
    }

    /**
     * 用户退出登陆
     */
    public function Get_user_out() {
        session_destroy();
        $this->Get_admin_msg('login.php', '退出成功！');
    }

}

//end class
?>














